8:42 AM
Anonymous
During this type of attack, the attacker is trying to bypass security
mechanisms while having minimal knowledge about them. Using one or more
accessible methods: dictionary attack (with or without mutations),
brute-force attack (with given classes of characters e.g.:
alphanumerical, special, case (in)sensitive) the attacker is trying to
achieve his/her goal. Considering a given method, number of tries,
efficiency of the system, which conducts the attack and estimated
efficiency of the system which is attacked, the attacker is able to
calculate how long the attack will have to last. Non brute-force
attacks, on the other hand, which includes all classes of characters,
give no certainty of success.
TOP 5 tools :-
1)cain and abel
2) Johan the Ripper
3)THC HYDRA
4)aircrack
5)L0phtcrack
http://yehg.net/lab/pr0js/files.php/php_brute_force_detect.zip
Detect your web servers being scanned by brute force tools such as WFuzz, OWASP DirBuster and vulnerability scanners such as Nessus, Nikto, Acunetix ..etc. This helps you quickly identify probable probing by bad guys who's wanna dig possible security holes.
http://yehg.net/lab/pr0js/tools/php-brute-force-detector-readme.pdf
TOP 5 tools :-
1)cain and abel
2) Johan the Ripper
3)THC HYDRA
4)aircrack
5)L0phtcrack
Defensive Tools
Php-Brute-Force-Attack Detectorhttp://yehg.net/lab/pr0js/files.php/php_brute_force_detect.zip
Detect your web servers being scanned by brute force tools such as WFuzz, OWASP DirBuster and vulnerability scanners such as Nessus, Nikto, Acunetix ..etc. This helps you quickly identify probable probing by bad guys who's wanna dig possible security holes.
http://yehg.net/lab/pr0js/tools/php-brute-force-detector-readme.pdf
Posted in: Attacks
0 comments:
Post a Comment